This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(16, 92%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENA%3C/text%3E%3C/svg%3E)
Hello,
In our environment, we use WSUS to update Defender AV definitions.
But on some Servers 2016, Defender is not automatically updating from WSUS. I checked on WSUS and all definition updates are marked as "not applicable". Automatic approval is already configured and many other servers work fine.
When I check the Defender logs, I can see this:
MpCmdRun: Command Line: "C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\MpCmdRun.exe" SignatureUpdate -ScheduleJob -RestrictPrivileges -Reinvoke
Start Time: vr nov 18 2022 09:17:35
MpEnsureProcessMitigationPolicy(0x5): hr = 0
Start: MpSignatureUpdate()
Service Version: 4.18.2209.7
Engine Version: 1.1.19800.4
AntiSpyware Signature Version: 1.379.499.0
AntiVirus Signature Version: 1.379.499.0
Calling MpUpdateStartEx with option 0x5
Update started
Search Started (WSUS update) (Path: https://"WSUS Server path")...
Time Info - vr nov 18 2022 09:17:59 Search Completed
Update completed succesfully . no updates needed (hr:0x00000001)
Finish: MpSignatureUpdate()
MpCmdRun: End Time: vr nov 18 2022 09:17:59
Even though there are new updates released, Defender is not updating stating that no updates are needed (my guess would be that this is the reason why the updates are marked as "not applicable").
When we update manually from the Defender GUI, the updates everything works fine.
Please let me know what I could check for this issue.
AFAIK this question is not related to Azure policies so removing 'azure-policy' tag. Let me know if that's not the case and if the question is related to Azure policies. Thanks.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(92.8, 23%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Kindly go through the following Microsoft reference and check all the steps:
Use WSUS to deploy definition updates to computers that are running Windows Defender